It would be dangerous to oversimplify the parallels between these political approaches and the relationship between open source and closed source software. Even so, it is worth examining the impact and challenges for democracy in the context of ongoing debates about the role of open source, especially in enterprise IT environments.

Democracy, particularly in the open source sense, is better than the autocratic, closed source model of software deployment. For closed source software vendors, a profit motive can ultimately be more influential than an interest in improving the software. More often than not, when deciding whether to invest in product innovation, commercial vendors will ask themselves at least one of these questions...

The “Habanero” module from 8devices runs OpenWrt on Qualcomm’s IPQ4019 SoC. The $55 open spec board supports dual-band, MU-MIMO 802.11ac (Wave2). A development kit for with module adds 5 Ethernet ports and USB.

8devices has added the Habanero as a new member to its line of dual-band system-on-modules (SOMs). The SOM is available in two versions. The Habanero based on Qualcomm’s IPQ4019 SoC is open for pre-orders for $55. And the Habanero-I, based on Qualcomm’s IPQ4029 SoC can be bought on pre-order for $69. A $119 development kit, the Habanero DVK provides the IPQ4019 SoC along with Ethernet, USB and other I/O.

8devices provides a number of modules that run OpenWrt-Linux, the most recent of which was its Komikan SOM based on a MIPS24k-based Realtek SoC. The Habanero appears to be the company’s 2nd module based on a Qualcomm SoC, following its IPQ4018 SoC-based Jalapeno board.

am a new FreeBSD developer and user. I have root access to my VM running in AWS cloud. How do I update packages and apply security upgrades on FreeBSD? What is the procedure for applying security updates on FreeBSD?

FreeBSD follows the concept of a base system and packages. One can apply security updates to the base system using freebsd-update command. You need to use the pkg command to upgrade FreeBSD packages. Let us see step-by-step instructions for implementing security updates polices for your FreeBSD server or desktop system.

Something we've been wait on quite some time, Unexplored from Ludomotion released in 2017 and now game porter Ethan Lee has given it a go with a Linux test build up.

Turns out the port was a little different than usual, as Ethan Lee noted on the Steam post. The game has always been using their FNA magic, so it didn't exactly have a lot of "porting" work to be done. However, due to some issues they had to do some decompiling and apply some manual fixes to get it here. However, it should be mostly "solid".

Yesterday I gave a Bottom to top, left to right writing direction in Writer talk at the LibreOffice Conference 2019. The room was well-crowded — perhaps because it was on the first day and in the largest room.

It contains some details which are not available in previous btLr blog posts, like what natural languages use this direction, how to replace real-world clocks without breaking compatibility and more!

If you’re itching to go deeper into the legal aspects of navigating WordPress’ relationship to the GPL license, Richard Best has recently made his ebook (and the audio version) called “A Practical Guide to WordPress and the GPL” available for free. Best, a technology and public lawyer based in New Zealand, had previously sold the book with other products as part of a business package that is still available for purchase. After receiving feedback on his most recent post titled “Taking GPL’d code proprietary,” he found that the issues addressed in the book are still relevant and decided to release it for free.

The time is upon us again! PyCon 2020’s Call for Proposals has officially opened for talks, tutorials, posters, education summit, and charlas. PyCon is made by you, so we need you to share what you’re working on, how you’re working on it, what you’ve learned, what you’re learning, and so much more.

Since I stopped working as an academic, and took time out to focus on my work and look after my new baby, I've been trying to find something which allows me to fit my work nicely around the rest of my life. I've done bits of short part-time work contracts, and various bits of freelance work - and I've now decided that freelancing is the way forward.

On this episode, we dive into Python for lawyers and a special tool for conducting legal interviews. Imagine you have to collect details for 20,000 participants in a class-action lawsuit. docassemble, a sweet Python web app, can do it for you with easy.

The Defense Department is not abiding by a federal mandate to promote the use of open source software and make common code more readily available to other agencies, according to the Government Accountability Office.

In 2016, the Office of Management and Budget published a memorandum that required every federal agency to make at least 20% of their custom-built software open source within three years, meaning the code would be available for other agencies to use. However, as of July, the Pentagon had released less than 10% of its software as open source, according to GAO.

The department has also failed to fully implement a number of other open source software initiatives required by the OMB memo, such as creating an enterprisewide open source software policy and building inventories of custom code, auditors said. Additionally, officials never created performance metrics to measure the success of their open source software efforts.

In both industry and government, the popularity of open source software has exploded in recent years to keep up with the growing demand for fresh tech. By sharing and reusing code, organizations can reduce the cost of developing software and trust the code they’re using has been thoroughly tested by other users.

However, relying on software that someone else developed requires a certain level of trust. If the developer overlooks a vulnerability in the code—or intentionally inserts one—that bug could end up in countless applications, and users wouldn’t know it’s there.

One of the main problems seemed to be the most popular games driving these sections, Valve claims this happened with the "Similar by Tags" section and it was a bug they've since fixed. There's lots of other little bug fixes and changes done, which has also resulted in the "Recommended for You" section also now being less biased towards the most popular titles.

GNOME 3.34 is the latest iterative release of open-source desktop environment for Linux systems. After 6 months long development cycle, GNOME 3.34 is released and this release brings some long-pending troublemaker feature fixes for this widely used desktop environment.

One of the best and most practical use-cases for sandboxed Linux apps via Flatpak or Snaps is certainly web browsers. There has been unofficial Firefox Flatpaks offered to this point but it's looking like better support for a Flatpak'ed Firefox could be coming down the pipe soon.

In this post we will explain the vhost-net architecture described in the introduction, to make it clear how everything works together from a technical point of view. This is part of the series of blogs that introduces you to the realm of virtio-networking which brings together the world of virtualization and the world of networking.

This post is intended for architects and developers who are interested in understanding what happens under the hood of the vhost-net/virtio-net architecture described in the previous blog.

We'll start by describing how the different virtio spec standard components and shared memory regions are arranged in the hypervisor, how QEMU emulates a virtio network device and how the guest uses the open virtio specification to implement the virtualized driver for managing and communicating with that device.

After showing you the QEMU virtio architecture we will analyze the I/O bottlenecks and limitations and we will use the host’s kernel to overcome them, reaching the vhost-net architecture presented in the overview post (link).

We also discussed snaps and when Ubuntu possibly moves to “all snaps all the time” for applications at least. This may be in our future, so it is worth thinking and discussing.

Tobias Fischbach came by the BOF and told us about Limux which is based on Kubuntu. This has been the official computer distribution of Munich for the past few years. Now however, unless the Mayor changes (or changes his mind) the city is moving to Windows again, which will be unfortunate for the City.

Slightly off-topic but relevent is that KDE neon will be moving to 20.04 base soon after release, but they will not stay on the Plasma LTS or Qt LTS. So users who want the very latest in KDE Plasma and applications will continue to have the option of using Neon, while our users, who expect more testing and stability can choose between the LTS for the ultimate in stability and our interim releases for newer Plasma and applications.

This year is the third edition of the GUADEC. Things were slightly different now: I was not a GSoC student anymore and I had my first jet lag. Three flights, some trains (including a type of train which rails were suspended in the air) were enough to go to Thessaloniki lands. When I arrived to Greece, I was a bit scared of the language since the alphabet would be almost impossible to type in my smartphone. However, I could easily reach the accomodation point.

My purpose for this GUADEC was different than the past ones. In the past I went basically to talk about my Google Summer of Code projects, but this time I wanted to show to the attendees the project I was working on as part of my dissertation project. I wanted to re-write almost everything of what I did and in the best case my plan was to find a contributor to my project. I am very happy to say that I found one contributor to this project. The project I talk about consisted on adding face overlay effects to Cheese developing a GStreamer plugins which elements should be better than gstfaceoverlay and gstfacedetect. The code of the project I made for my dissertation project can be found on this link and the one that is being written from scratch can be found on this repository. The slides are available on Google Docs and the full details (actually the thesis document) is written (in Spanish) in this document.

[...]

After GUADEC I had some vacations in Greece for about one week more and then I was going to Poznan, Poland. As I mentioned, the first day of the event I met Mieszko Mazurek who actually lives in that city. He was showing me the city and his office in which he works were he develops low-level and high-level software to control batteries. He uses GNOME-based technology for this high-level software. I also continued to show him and explaining him about the Cheese Face Effects project. Finally, that day I could get the code I wrote during the event with the help of him to work as expected. Now I am on Krakow, and he is going to do an inter-city trip to continue talking about the mentioned project.

I've been doing a little refactoring of gdk-pixbuf's crufty code, to see if the gripes from my braindump can be solved. For things where it is not obvious how to proceed, I've started taking more detailed notes in a gdk-pixbuf survey.

Today I was looking at which gdk-pixbuf modules are implemented by third parties, that is, which external projects provide their own image codecs pluggable into gdk-pixbuf.

And there are not that many!

The only four that I found are libheif, libopenraw, libwmf, librsvg (this last one, of course).

A typical kernel development cycle involves pulling patches from over 100 repositories into the mainline. Any of those pulls could conceivably bring with it malicious code, leaving the kernel (and its users) open to compromise. The kernel's web of trust helps maintainers to ensure that pull requests are legitimate, but that web has become difficult to maintain in the wake of the recent attacks on key servers and other problems. So now the kernel community is taking management of its web of trust into its own hands.

Some history

As recently as 2011, there was no mechanism in place to verify the provenance of pull requests sent to kernel maintainers. If an emailed request looked legitimate, and the proposed code changes appeared to make sense, then the requested pull would generally be performed. That degree of openness makes for a low-friction development experience, but it also leaves the project open to at least a couple types of attacks. Email is easy to forge; an attacker could easily create an email that appeared to be from a known maintainer, but which requested a pull from a malicious repository.

The risk grows greater if an attacker somehow finds a way to modify a maintainer's repository (on kernel.org or elsewhere); then the malicious code would be coming from a trusted location. The chances of a forged pull request from a legitimate (but compromised) repository being acted on are discouragingly high.

The compromise of kernel.org in 2011 focused minds on this problem. By all accounts, the attackers had no idea of the importance of the machine they had taken over, so they did not even try to tamper with any of the repositories kept there. But they could have done such a thing. Git can help developers detect and recover from such attacks, but only to an extent. What the community really needs is a way to know that a specific branch or tag proposed for pulling was actually created by the maintainer for the relevant subsystem.

One action that was taken was to transform kernel.org from a machine managed by a small number of kernel developers in their spare time into a carefully thought-out system run by full-time administrators supported by the Linux Foundation. The provision of shell accounts to hundreds of kernel developers was belatedly understood to be something other than the best of ideas, so that is no longer done. No system is immune, but kernel.org has become a much harder target than before, so repositories stored there should be relatively safe.

Finding ways to make it easier and faster to mitigate an ongoing attack against a Linux system at runtime is part of the motivation behind the kernel runtime security instrumentation (KRSI) project. Its developer, KP Singh, gave a presentation about the project at the 2019 Linux Security Summit North America (LSS-NA), which was held in late August in San Diego. A prototype of KRSI is implemented as a Linux security module (LSM) that allows eBPF programs to be attached to the kernel's security hooks.

Singh began by laying out the motivation for KRSI. When looking at the security of a system, there are two sides to the coin: signals and mitigations. The signals are events that might, but do not always, indicate some kind of malicious activity is taking place; the mitigations are what is done to thwart the malicious activity once it has been detected. The two "go hand in hand", he said.

For example, the audit subsystem can provide signals of activity that might be malicious. If you have a program that determines that the activity actually is problematic, then you might want it to update the policy for an LSM to restrict or prevent that behavior. Audit may also need to be configured to log the events in question. He would like to see a unified mechanism for specifying both the signals and mitigations so that the two work better together. That is what KRSI is meant to provide.

He gave a few examples of different types of signals. For one, a process that executes and then deletes its executable might well be malicious. A kernel module that loads and then hides itself is also suspect. A process that executes with suspicious environment variables (e.g. LD_PRELOAD) might indicate something has gone awry as well.

On the mitigation side, an administrator might want to prevent mounting USB drives on a server, perhaps after a certain point during the startup. There could be dynamic whitelists or blacklists of various sorts, for kernel modules that can be loaded, for instance, to prevent known vulnerable binaries from executing, or stopping binaries from loading a core library that is vulnerable to ensure that updates are done. Adding any of these signals or mitigations requires reconfiguration of various parts of the kernel, which takes time and/or operator intervention. He wondered if there was a way to make it easy to add them in a unified way.

For all its faults, email has long proved to be an effective communication mechanism for kernel development. Similarly, Git is an effective tool for source-code management. But there is no real connection between the two, meaning that there is no straightforward way to connect a Git commit with the email discussions that led to its acceptance. Once a patch enters a repository, it transitions into a new form of existence and leaves its past life behind. Doug Anderson recently went to the ksummit-discuss list with a proposal to add Gerrit-style change IDs as a way of connecting the two lives of a kernel patch; the end result may not be quite what he was asking for.

[...]

Creation of this tag is relatively easy; it can be entirely automated at the point where a patch is applied to a Git repository. But it doesn't solve the entire problem; it can associate a commit with the final posting of a patch on a mailing list, but it cannot help to find previous versions of a patch. Generally, the discussion of the last version of a patch is boring since there is usually a consensus at that point that it should be applied. It's the discussion of the previous versions that will have caused changes to be made and which can explain some of the decisions that were made. But kernel developers are remarkably and inexplicably poor at placing the message ID of the final version of a patch into the previous versions.

The most commonly suggested solution to that problem is not fully automatic. Developers like Thomas Gleixner and Christian Brauner argued in favor of adding a link to previous versions of a patch when posting an updated version. Gleixner called for a link to the cover letter of the prior version, while Brauner puts links to all previous versions. Either way, an interested developer can follow the links backward to see how a patch series has changed, along with the discussions that led to those changes.

inux kernel developers like to get support for new features — such as filesystem types — merged quickly. In the case of the exFAT filesystem, that didn't happen; exFAT was created by Microsoft in 2006 for use in larger flash-storage cards, but there has never been support in the kernel for this filesystem. Microsoft's recent announcement that it wanted to get exFAT support into the mainline kernel would appear to have removed the largest obstacle to Linux exFAT support. But, as is so often the case, it seems that some challenges remain.
For years, the Linux community mostly ignored exFAT; it was a proprietary format overshadowed by an unpleasant patent cloud. A Linux driver existed, though, and was shipped as a proprietary module on various Android devices. In 2013, the code for this driver escaped into the wild and was posted to a GitHub repository. But that code was never actually released under a free license and the patent issues remained, so no serious effort to upstream it into the mainline kernel was ever made.

The situation stayed this way for some years. Even Microsoft's decision to join the Open Invention Network (OIN) in 2018 did not change the situation; exFAT, being outside the OIN Linux System Definition, was not covered by any new patent grants. Some people pointed this out at the time, but it didn't raise a lot of concern. Most people, it seemed, had simply forgotten about exFAT, which has a relatively limited deployment overall.

Providing meaningful metrics for open-source projects has long been a challenge, as simply measuring downloads, commits, or GitHub stars typically doesn't say much about the health or diversity of a project. It's a challenge the Linux Foundation's Community Health Analytics Open Source Software (CHAOSS) project is looking to help solve. At the 2019 Open Source Summit North America (OSSNA), Matt Germonprez, one of the founding members of CHAOSS, outlined what the group is currently doing and why its initial efforts didn't work out as expected.

Germonprez is an Associate Professor at the University of Nebraska at Omaha and helped to start CHAOSS, which was first announced at the 2017 OSSNA held in Los Angeles. When CHAOSS got started, he said, there was no bar as to what the project was interested in. "We developed a long list of metrics, they were really unfiltered and uncategorized, so it wasn't doing a lot of good for people," Germonprez admitted.

The success stories that have gathered around data analytics drive broader adoption of the newest artificial-intelligence-based techniques—but risks come along with these techniques. The large numbers of freshly anointed data scientists piling into industry and the sensitivity of the areas given over to machine-learning models—hiring, loans, even sentencing for crime—means there is a danger of misapplied models, which is earning the attention of the public. Two sessions at the recent MinneBOS 2019 conference focused on maintaining ethics and addressing bias in machine-learning applications.

To define a few terms: modern analytics increasingly uses machine learning, currently the most popular form of the field broadly known as artificial intelligence (AI). In machine learning, an algorithm is run repeatedly to create and refine a model, which is then tested against new data.

MinneBOS was sponsored by the Twin Cities organization Minne Analytics; the two sessions were: "The Ethics of Analytics" by Bill Franks and "Minding the Gap: Understanding and Mitigating Bias in AI" by Jackie Anderson. (Full disclosure: Franks works on books for O'Reilly Media, which also employs the author of this article.) Both presenters pointed out that bias can sneak into machine learning at many places, and both laid out some ways to address the risks. There were interesting overlaps between the recommendations of Franks, who organized his talk around stages, and of Anderson who organized her talk around sources of bias.

When we talk about "bias" we normally think of it in the everyday of sense of discrimination on the basis of race, gender, income, or some other social category. This focus on social discrimination is reinforced by articles in the popular press. But in math and science, bias is a technical term referring to improper data handling or choice of inputs. And indeed, the risks in AI go further than protected categories such as race and gender. Bias leads to wrong results, plain and simple. Whether bias leads to social discrimination or just to lost business opportunities and wasted money, organizations must be alert and adopt ways to avoid it.

For a long time, I thought all the files I saw on GitLab and GitHub with an .md extension were written in a file type exclusively for developers. That changed a few weeks ago when I started using Markdown. It quickly became the most important tool in my daily work.

Markdown makes my life easier. I just need to add a few symbols to what I'm already writing and, with the help of a browser extension or an open source program, I can transform my text into a variety of commonly used formats such as ODT, email (more on that later), PDF, and EPUB.

When targeting Skylake-AVX512, Icelake-Client, Icelake-Server, Cascadelake, or Cooperlake with the LLVM Clang compiler where AVX-512 is supported, it will now default to preferring the 256-bit vector width rather than 512-bit with AVX-512. Unless 512-bit intrinsics are used in the source code, 512-bit ZMM registers will not be used since those operations lead to most processors running at a lower frequency state. On current generation processors, the performance gains of AVX-512 can often times be negated due to the AVX-512 frequency hits.

There are ample of funny steam games for kids available on the store for the Linux system. A couple of years back, gaming on the Linux was almost impossible. Nevertheless, a vast range of games are now available in different Linux distros, thanks to steam. Moreover, playing games on Linux is no more difficult. However, many games even available for free. Additionally, there are different genres of games, such as indie, action, adventure, casual, strategy, simulation, RPG, Early Access, single-player, violent, and sports. Linux users can play all these genres of games on steam for absolutely free or spending a little buck.

GNOME 3.34 is the latest version of GNOME 3, and is the result of 6 months’ hard work by the GNOME community. It contains major new features, as well as many smaller improvements and bug fixes. In total, the release incorporates 23929 changes, made by approximately 777 contributors.
3.34 has been named “Thessaloniki” in recognition of this year’s GUADEC organizing team. GUADEC is GNOME’s primary annual conference and is only possible due to the amazing work of local volunteers. This year’s event was held in Thessaloniki, Greece, and was a big success. Thank you, Team Thessaloniki!

The GNOME Project is proud to announce the release of GNOME 3.34, Θεσσαλονίκη
(Thessaloniki).
This release brings performance improvements in the shell, Drag-And-Drop in
the overview, improved mouse and keybord accessibility, previews in the
background panel, support for systemd user sessions, and more.
Improvements to core GNOME applications include new icons, sandboxed browsing
in Web, gapless playback in Music, support for bidirectional text in the
Terminal, more featured applications in Software, and more.
For more information about the changes in GNOME 3.34, you can visit
the release notes:
https://help.gnome.org/misc/release-notes/3.34/
GNOME 3.34 will be available shortly in many distributions. If you want
to try it today, you can use the Fedora 31 beta that will be available soon
or the openSUSE nightly live images which include GNOME 3.34.
https://www.gnome.org/getting-gnome/
http://download.fedoraproject.org/pub/fedora/linux/development/31/Workstation/x86_64/iso/
http://download.opensuse.org/repositories/GNOME:/Medias/images/iso/?P=GNOME_Next*
To try the very latest developments in GNOME, you can also use Fedora
Silverblue, whose rawhide branch always includes the latest GNOME packages.
https://kojipkgs.fedoraproject.org/compose/rawhide/latest-Fedora-Rawhide/compose/Silverblue/x86_64/iso/
If you are interested in building applications for GNOME 3.34, you can
use the GNOME 3.34 Flatpak SDK, which is available in the sdk.gnome.org
repository.
This six-month effort wouldn't have been possible without the whole
GNOME community, made of contributors and friends from all around the
world: developers, designers, documentation writers, usability and
accessibility specialists, translators, maintainers, students, system
administrators, companies, artists, testers and last, but not least,
our users.
GNOME would not exist without all of you. Thank you to everyone!
Our next release, GNOME 3.36, is planned for March 2020. Until then,
enjoy GNOME 3.34!
the GNOME Release Team

Red Hat developer Matthias Clasen has just announced the release of GNOME 3.34 as this widely anticipated update to the GNOME 3 desktop environment.

Making GNOME 3.34 particularly exciting is the plethora of optimizations/fixes in tow with this six-month update. Equally exciting are a ton of improvements and additions around the Wayland support to ensure its performance and feature parity to X11. GNOME 3.34 also brings other improvements line sandboxed browsing with Epiphany, GNOME Music enhancements, GNOME Software improvements, nd a ton of other refinements throughout GNOME Shell, Mutter, and the many GNOME applications.

The GNOME Project announced today the release and general availability of the highly anticipated GNOME 3.34 desktop environment for Linux-based operating systems.

GNOME 3.34 is dubbed "Thessaloniki" after the host city of the GUADEC (GNOME User and Developer European Conference) 2019 event and it's a major release that adds numerous new features and improvements. It's been in development of the past six months and comes as a drop-in replacement for the GNOME 3.32 "Taipei" desktop environment series with many new features.

"The latest version of GNOME 3 has been released today. Version 3.34 contains six months of work by the GNOME community and includes many improvements, performance improvements and new features," reads today's announcement. "Highlights from this release include visual refreshes for a number of applications, including the desktop itself. The background selection settings also received a redesign, making it easier to select custom backgrounds."

While the NVIDIA 435 series is now stable, for those sticking to the previous NVIDIA 430 driver series that is their current "long-lived" driver branch, a new version is available.

NVIDIA 430.50 was released on Wednesday as the latest Linux driver release in this driver series supported for an extended period of time. The only listed change for the NVIDIA 430.50 Linux driver is fixing the display color range handling for pre-Turing GPUs. When limiting the color range via the NVIDIA-Settings GUI, the output pixel values will now be properly clamped to the CTA range.

The third release candidate of the belated Mesa 19.2 is now available while a fourth and likely final RC is expected next week while the stable release of this quarterly Mesa3D update should be out at month's end.

Mesa 19.2-RC3 back-ports the new support for DriConf in Intel's Vulkan driver (for a workaround with GfxBench), various NIR fixes, a GLX segmentation fault is fixed, a few RADV and RadeonSI fixes (including Navi/GFX10 fixes for RadeonSI), and the Intel glthread crash fix for KDE's KWin.

AMD developers are looking at finally re-enabling the LRU bulk moves functionality in their AMDGPU Linux kernel graphics driver that has the ability to help with performance.

The LRU bulk moves patches were posted back in August of 2018 with the ability to help improve OpenCL and Vulkan performance for Radeon graphics. But prior to the release of the Linux 5.0 kernel that functionality was disabled for bugs.

As mentioned in yesterday?s new report, Ubuntu?s community design team have elected to change the look of Ubuntu. The dark header bars used in the ?current? Yaru GTK theme (Ubuntu 19.04) have been replaced by lighter, greyer (though apparently bluer) ones.

The new lighter header bars are said be in keeping with the upstream Adwaita GTK theme (on which Yaru is based). Additionally, the lighter look is said to resolve and address a number of usability issues resulting from the ?mixed? theme set-up.

Radxa has posted specs for a new member of its community backed “Rock Pi” Raspberry Pi lookalike SBC family, this time with an Intel Cherry Trail Atom x5-Z8300, USB 3.0, MicroSD, HDMI, eDP/MIPI, and GbE, plus optional WiFi and Bluetooth 4.2 LE.

In June, Radxa unveiled its Rock Pi S SBC that runs Linux on a RK3308 and updated its RK3399-based Rock Pi 4 with extra memory. Now, Radxa is preparing to add to that family of Raspberry Pi pseudo clones with an SBC called Rock Pi X, based on the Intel “Cherry Trail” Atom x5-Z8300. We learned about the new board from our friends at Hackerboards, who added the Rock Pi X to its database yesterday.

Summer is not yet over (in my climate zone) but it’s time to think about the autumn. Yes, I mean the Linux Autumn, the annual Polish conference of Linux and free software enthusiasts organized by PLUG. I wrote about this event many times in the past, I don’t want to make you bored by the same things again. This year we hope to invite more foreign guests and make the conference more international, possibly with one day full of English talks.

[...]

Remember that the conference is paid for attendees. The money is spent to pay for the accommodation and food for everyone. Why do I ever write in the article for Fedora Planet about a paid and not strictly Fedora-oriented event? First of all, the participation (including accommodation and food) is fully refunded for speakers. I’m not encouraging you to attend a paid event, although if you want you are most welcome. I’m encouraging you to give your talks and participate in a three-days long event for free. Second, this is a Linux event and Fedora is still a Linux distribution. Third, as we all know, many Fedora contributors live and work in the Czech Republic, especially in Brno, and this event is organized in Poland just across the Czech border. It cannot be closer.

Object-relational mapping (ORM) makes life easier for application developers, in no small part because it lets you interact with a database in a language you may know (such as Python) instead of raw SQL queries. SQLAlchemy is a Python ORM toolkit that provides access to SQL databases using Python. It is a mature ORM tool that adds the benefit of model relationships, a powerful query construction paradigm, easy serialization, and much more. Its ease of use, however, makes it easy to forget what is going on behind the scenes. Seemingly small choices made using SQLAlchemy can have important performance implications.

Okay, not exactly gaming news but good to see anyway. Krita, the high quality FOSS painting program now has a Linux version available on Steam.

They made a bit of a splash about releasing the Linux version on Steam too, in their announcement they mentioned how they're proud of it being "free, open source and community-driven software" with the Steam release meant as another direct way to support the development since it requires a purchase.

A Setback for FOSS in the Public (War) Sector, CONNECT Interoperability Project Shifting to the Private Sector

The Department of Defense has not fully implemented mandates from the Office of Management and Budget (OMB) and the 2018 National Defense Authorization Act (NDAA) to increase its use of open-source software and release code, according to a September 10 Government Accountability Office (GAO) report.
The report notes that the 2018 NDAA mandated DoD establish a pilot program on open source and a report on the program’s implementation. It also says that OMB’s M-16-21 memorandum requires all agencies to release at least 20 percent of custom-developed code as open-source, with a metric for calculating program performance.
However, DoD has released less than 10 percent of its custom code, and had not developed a measure to calculate the performance of the pilot program. In comments to GAO, the DoD CIO’s office said there has been difficulty inventorying all of its custom source code across the department, and disagreement on how to assess the success for a performance measure. While the department worked to partially implement OMB’s policy, the department had not yet issued a policy.

The Defense Department has been slow to meet a government-wide mandate to release more open-source software code, as DOD officials have concerns about cybersecurity risks and are struggling to implement such a program across the department, according to a new audit.

The Department of Defense’s congressionally mandated efforts to create an open source software program aren’t going so well.
DOD must release at least 20 percent of its custom software as open source through a pilot required by a 2016 Office of Management and Budget directive and the 2018 National Defense Authorization Act. Open source software, OMB says, can encourage collaboration, “reduce costs, streamline development, apply uniform standards, and ensure consistency in creating and delivering information.”

The Defense Department has been slow to meet a government-wide mandate to release more open-source software code, as DOD officials have concerns about cybersecurity risks and are struggling to implement such a program across the department, according to a new audit. Since 2016, DOD has been required by law to implement an open-source software pilot program in accordance with policy established by the Office of Management and Budget.

The CONNECT project, an open source project that aims to increase interoperability among organizations, is transitioning from federal stewardship to the private sector and will soon be available to everyone.
Developed ten years ago by a group of federal agencies in the Federal Health Architecture (FHA), CONNECT was a response to ONC’s original approach to a health information network. The agencies decided to build a joint health interoperability solution instead of having each agency develop its own custom solution, and they chose to make the project open source.

Linux VR Headset

Since most VR Headsets support Windows platforms today, there are very few options for Linux users. Despite its support, many people have faced troubles setting up and running their Headsets on Linux. However, not anymore. The VR gaming experience is now getting better!
The all-new Xrdesktop is an open-source development that lets you work with various desktop environments like GNOME and KDE. Since this project is under progress right now, we can hope for more features like Steam, Valve and other platforms for gaming and Virtual Reality experience.
In addition, the Xrdesktop will also offer integration with Windows as well. Once completed, it will be a great step towards traditional Linux desktop environments. The program is available for installation in both packages for Ubuntu Linux and Arch Linux.

An Easy Fix for a Stupid Mistake

I waited a long time for Mageia 7 and for OpenMandriva Lx 4. When both distros arrived, I was very happy.
But new distros bring changes, and sometimes it is not easy to adapt. Mageia 7 has been rock-solid: it is doing a great job in my laptop and both in my daughter's desktop and in mine. There is one thing, though. I have been avoiding a strange mesa update that wants to remove Steam.
OpenMandriva is also fantastic, but this new release provided options like rock, release, and rolling. When I first installed the distro, I chose rock because I was shying away from the rolling flavor. Eventually, I had to move to rolling because that was the only way in which I could manage to install Steam in both my laptop and desktop machines.